Vulnerabilities > GE > Intelligent Platforms Proficy Historian > 3.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2012-03-15 | CVE-2012-0229 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in GE Intelligent Platforms Proficy Historian The Data Archiver service in GE Intelligent Platforms Proficy Historian 4.5 and earlier allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted session on TCP port 14000 to (1) ihDataArchiver.exe or (2) ihDataArchiver_x64.exe. | 10.0 |
| 2011-11-02 | CVE-2011-3320 | Cross-Site Scripting vulnerability in GE Intelligent Platforms Proficy Historian Cross-site scripting (XSS) vulnerability in the Web Administrator component in GE Intelligent Platforms Proficy Historian 4.x and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified parameters. | 4.3 |
| 2011-11-02 | CVE-2011-1919 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in GE Intelligent Platforms Proficy Historian Multiple stack-based buffer overflows in GE Intelligent Platforms Proficy Applications before 4.4.1 SIM 101 and 5.x before 5.0 SIM 43 allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via crafted TCP message traffic to (1) PRProficyMgr.exe in Proficy Server Manager, (2) PRGateway.exe in Proficy Server Gateway, (3) PRRDS.exe in Proficy Remote Data Service, or (4) PRLicenseMgr.exe in Proficy Server License Manager. | 10.0 |
| 2011-11-02 | CVE-2011-1918 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in GE Intelligent Platforms Proficy Historian Stack-based buffer overflow in the Data Archiver service in GE Intelligent Platforms Proficy Historian before 3.5 SIM 17 and 4.x before 4.0 SIM 12 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via crafted TCP message traffic. | 10.0 |